Framework/Configurations/SVT/ControlSettings.json
|
{
"Diagnostics_RetentionPeriod_Min": 365, "Diagnostics_RetentionPeriod_Forever": 0, "KeyVault": { "KeyRotationDuration_Days": 365, "SecretRotationDuration_Days": 180, "KeyType": "RSA-HSM", "ADAppCredentialTypeCrt": "AsymmetricX509Cert", "ADAppCredentialTypePwd": "Password" }, "SqlServer": { "AuditRetentionPeriod_Min": 365, "AuditRetentionPeriod_Forever": 0 }, "AnalysisService": { "Max_Admin_Count": 2 }, "ERvNet": { "ResourceLockLevel": "ReadOnly" }, "Databricks": { "Tenant_Domain" : "microsoft.com" }, "VirtualMachine": { "Windows": { "SupportedSkuList": [], "ManagementPortList": [ { "Name": "RDP", "Port": 3389 }, { "Name": "WINRM", "Port": 5985 } ], "BaselineIds": [], "ASCRecommendations": [ "EncryptionOnVm", "InstallAntimalware", "VulnerabilityAssessmentDeployment" ], "ASCApprovedPatchingHealthStatuses": [ "Healthy" ], "ASCApprovedBaselineStatuses": [ "Healthy" ], "QueryforBaselineRule": [ "SecurityBaseline | where TimeGenerated >ago(1d) | where ResourceId ==\"{0}\" | summarize arg_max(TimeGenerated,*)by Description| where AnalyzeResult == \"Failed\" " ], "QueryforMissingPatches": [ "Update | where TimeGenerated >ago(1d) |where OSType != \"Linux\" and UpdateState =~ \"Needed\" and iff(isnotnull(toint(Optional)), Optional == false, Optional == \"false\") == true and iff(isnotnull(toint(Approved)), Approved != false, Approved != \"false\") == true and (Classification == \"Security Updates\" or Classification == \"Critical Updates\") and ResourceId ==\"{0}\"| summarize AggregatedValue =dcount(UpdateID) by UpdateID,Title |limit 1000000000 " ] }, "Linux": { "SupportedSkuList": [], "ManagementPortList": [ { "Name": "RDP", "Port": 3389 }, { "Name": "SSH", "Port": 22 } ], "BaselineIds": [], "ASCRecommendations": [], "ASCApprovedPatchingHealthStatuses": [ "Healthy" ], "ASCApprovedBaselineStatuses": [ "Healthy" ], "QueryforBaselineRule": [ "SecurityBaseline | where TimeGenerated >ago(1d) | where ResourceId ==\"{0}\" | summarize arg_max(TimeGenerated,*)by Description| where AnalyzeResult == \"Failed\" " ], "QueryforMissingPatches": [ "Update | where TimeGenerated >ago(1d) |where OSType == \"Linux\" and UpdateState =~ \"Needed\" and iff(isnotnull(toint(Optional)), Optional == false, Optional == \"false\") == true and iff(isnotnull(toint(Approved)), Approved != false, Approved != \"false\") == true and (Classification == \"Security Updates\" or Classification == \"Critical Updates\") and ResourceId ==\"{0}\"| summarize AggregatedValue =dcount(UpdateID) by UpdateID,Title |limit 1000000000 " ] }, "Windows_OS_Baseline_Ids": [], "ASCPolicies": { "PolicyAssignment":{ "EndpointProtection" : "Install endpoint protection solution on your machines", "DiskEncryption" : "Apply Disk Encryption on your virtual machines", "VulnerabilityScan" : "Remediate vulnerabilities in security configuration on your machines", "OSUpdates" : "Install system updates on your machines", "MonitoringAgent" : "Install monitoring agent on your machines" }, "ResourceDetailsKeys" :{ "WorkspaceId" : "Reporting workspace customer id" } } }, "NoOfApprovedAdmins": 5, "NoOfClassicAdminsLimit": 2, "CriticalPIMRoles": [ "Owner", "Contributor" ], "WhitelistedMgmtCerts": { "Thumbprints": [], "ApprovedValidityRangeInDays": 732 }, "WhitelistedCustomRBACRoles": [ { "Id": "21d96096-b162-414a-8302-d8354f9d91b2", "Name": "Azure Service Deploy Release Management Contributor" }, { "Id": "9f15f5f5-77bd-413a-aa88-4b9c68b1e7bc", "Name": "GenevaWarmPathResourceContributor" }, { "Id": "7fd64851-3279-459b-b614-e2b2ba760f5b", "Name": "Office DevOps" }, { "Id": "a48d7796-14b4-4889-afef-fbb65a93e5a2", "Name": "masterreader" }, { "Id": "a042fe8d-14b3-4850-9120-e2f357577b2d", "Name": "Monitor permissions" } ], "UniversalIPRange": "0.0.0.0-255.255.255.255", "IPRangeStartIP": "0.0.0.0", "IPRangeEndIP": "255.255.255.255", "MetricAlert": { "Actions": { "SendToServiceOwners": true }, "Batch": [ { "Condition": { "DataSource": { "MetricName": "PoolDeleteCompleteEvent" }, "OperatorProperty": "GreaterThan", "Threshold": 0, "TimeAggregation": "Total", "WindowSize": "01:00:00" }, "IsEnabled": true }, { "Condition": { "DataSource": { "MetricName": "PoolDeleteStartEvent" }, "OperatorProperty": "GreaterThan", "Threshold": 0, "TimeAggregation": "Total", "WindowSize": "01:00:00" }, "IsEnabled": true } ], "Storage": [ { "Condition": { "DataSource": { "MetricName": "AnonymousSuccess" }, "OperatorProperty": "GreaterThan", "Threshold": 0, "TimeAggregation": "Total", "WindowSize": "01:00:00" }, "IsEnabled": true } ], "StreamAnalytics": [ { "Condition": { "DataSource": { "MetricName": "AMLCalloutFailedRequests" }, "OperatorProperty": "GreaterThan", "Threshold": 0, "TimeAggregation": "Total", "WindowSize": "00:05:00" }, "IsEnabled": true }, { "Condition": { "DataSource": { "MetricName": "Errors" }, "OperatorProperty": "GreaterThan", "Threshold": 0, "TimeAggregation": "Total", "WindowSize": "00:05:00" }, "IsEnabled": true } ] }, "StorageKindMapping": [ { "Kind": "BlobStorage", "Services": [ "blob" ], "DiagnosticsLogServices": [ "blob" ] }, { "Kind": "Storage", "Services": [ "blob", "file", "queue", "table" ], "DiagnosticsLogServices": [ "blob", "queue", "table" ] }, { "Kind": "StorageV2", "Services": [ "blob", "file", "queue", "table" ], "DiagnosticsLogServices": [ "blob", "queue", "table" ] } ], "AppService": { "Backup_RetentionPeriod_Min": 365, "Backup_RetentionPeriod_Forever": 0, "LatestDotNetFrameworkVersionNumber": "v4.0", "Minimum_Instance_Count": 2, "AADAuthAPIVersion": "2016-08-01", "LoadCertAppSettings": "WEBSITE_LOAD_CERTIFICATES" }, "StorageDiagnosticsSkuMapping": [ "StandardGRS", "StandardLRS", "StandardRAGRS", "StandardZRS" ], "StorageAlertSkuMapping": [ "StandardGRS", "StandardLRS", "StandardRAGRS" ], "StorageGeoRedundantSku": [ "StandardGRS", "StandardRAGRS" ], "RedisCache": { "FirewallApplicableSku": [ "Premium" ], "RDBBackApplicableSku": [ "Premium" ] }, "CosmosDb": { "Firewall": { "IpLimitPerDb": 2048, "IpLimitPerRange": 256 } }, "Automation": { "WebhookValidityInDays": 60 }, "BaselineControls": { "ResourceTypeControlIdMappingList": [ ], "SubscriptionControlIdList": [], "ExpiryInDays": 2, "SupportedSources": [] }, "CloudService": { "LatestOSSKUIDs": [ "WA-GUEST-OS-4.44_201707-01" ] }, "AttestationExpiryPeriodInDays": { "Default": 90, "ControlSeverity": { "Critical": 7, "High": 30, "Medium": 60, "Low": 90 } }, "SubscriptionCore": { "EnableV1AlertFailure": false }, "EventHubOutput": { "TokenTimeOut": 1800, "TimeOut": 60, "APIVersion": "2014-01" }, "DefaultValidAttestationStates": [ "NotAnIssue", "WillFixLater", "WillNotFix" ], "NewControlGracePeriodInDays": { "Default": 60, "ControlSeverity": { "Critical": 7, "High": 30, "Medium": 60, "Low": 90 } }, "AttestationPeriodInDays": { "Default": 90, "ControlSeverity": { "Critical": 7, "High": 30, "Medium": 60, "Low": 90 } }, "ResultComplianceInDays": { "DefaultControls": 3, "OwnerAccessControls": 90 } } |